safecasualdating69.com
Open in
urlscan Pro
162.0.229.226
Malicious Activity!
Public Scan
Submission: On October 11 via manual from US — Scanned from DE
Summary
This is the only time safecasualdating69.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tinder (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 162.0.229.226 162.0.229.226 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
3 | 2a00:1450:400... 2a00:1450:4001:809::200a | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 213.227.156.193 213.227.156.193 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
1 1 | 2606:4700:20:... 2606:4700:20::681a:415 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 54.201.211.101 54.201.211.101 | 16509 (AMAZON-02) (AMAZON-02) | |
1 9 | 163.171.128.172 163.171.128.172 | 54994 (QUANTILNE...) (QUANTILNETWORKS) | |
5 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 152.199.19.160 152.199.19.160 | 15133 (EDGECAST) (EDGECAST) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
3 | 2606:4700::68... 2606:4700::6812:1734 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2008 | 15169 (GOOGLE) (GOOGLE) | |
36 | 9 |
ASN22612 (NAMECHEAP-NET, US)
PTR: premium124-4.web-hosting.com
safecasualdating69.com |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
best.elitelovetrc.info |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-211-101.us-west-2.compute.amazonaws.com
www.sec-trk-lnk.com |
ASN54994 (QUANTILNETWORKS, US)
enlistopenly.com | |
enter-shield.com | |
geoip.openlyenter.com |
ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com | |
ka-p.fontawesome.com |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
safecasualdating69.com
safecasualdating69.com |
983 KB |
7 |
enter-shield.com
enter-shield.com |
54 KB |
5 |
gstatic.com
fonts.gstatic.com |
126 KB |
3 |
fontawesome.com
kit.fontawesome.com ka-p.fontawesome.com |
62 KB |
3 |
googleapis.com
fonts.googleapis.com |
2 KB |
2 |
aspnetcdn.com
ajax.aspnetcdn.com |
129 KB |
1 |
google-analytics.com
ssl.google-analytics.com |
17 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
7 KB |
1 |
openlyenter.com
geoip.openlyenter.com |
695 B |
1 |
enlistopenly.com
1 redirects
enlistopenly.com |
648 B |
1 |
sec-trk-lnk.com
1 redirects
www.sec-trk-lnk.com |
614 B |
1 |
trackdemclicks.com
1 redirects
www.trackdemclicks.com |
1 KB |
1 |
elitelovetrc.info
1 redirects
best.elitelovetrc.info |
473 B |
36 | 14 |
Domain | Requested by | |
---|---|---|
12 | safecasualdating69.com |
safecasualdating69.com
|
7 | enter-shield.com |
safecasualdating69.com
enter-shield.com |
5 | fonts.gstatic.com |
fonts.googleapis.com
enter-shield.com |
3 | fonts.googleapis.com |
safecasualdating69.com
enter-shield.com |
2 | ka-p.fontawesome.com |
kit.fontawesome.com
|
2 | ajax.aspnetcdn.com |
enter-shield.com
|
1 | ssl.google-analytics.com |
enter-shield.com
|
1 | kit.fontawesome.com |
enter-shield.com
|
1 | code.jquery.com |
enter-shield.com
|
1 | cdnjs.cloudflare.com |
enter-shield.com
|
1 | geoip.openlyenter.com |
enter-shield.com
|
1 | enlistopenly.com | 1 redirects |
1 | www.sec-trk-lnk.com | 1 redirects |
1 | www.trackdemclicks.com | 1 redirects |
1 | best.elitelovetrc.info | 1 redirects |
36 | 15 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
www.enter-shield.com AlphaSSL CA - SHA256 - G2 |
2020-07-30 - 2022-07-31 |
2 years | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
*.openlyenter.com AlphaSSL CA - SHA256 - G2 |
2021-01-04 - 2022-02-05 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2020-11-16 - 2021-11-10 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-13 - 2021-12-14 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://safecasualdating69.com/
Frame ID: 053BEE70C0584B5829A9E19639E65436
Requests: 14 HTTP requests in this frame
Frame:
https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
Frame ID: 9F17BB0AB9AB8813782A4DAA47F65B2F
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
Safe Dating - Personal MeetingsDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- http://best.elitelovetrc.info/click?pid=914&offer_id=123 HTTP 302
- https://www.trackdemclicks.com/tracking/click/?mt=446632&ofid=257&x1=61641a50728b17000165d372&sid=914 HTTP 302
- https://www.sec-trk-lnk.com/ep.php/prmafrts:71686/68114:446632-.8184b2b8c3515f448894c9d83484aa39 HTTP 302
- https://enlistopenly.com/signup/?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password= HTTP 302
- https://enter-shield.com/join/join.php?act=epc68114.46916-174549.446632-.8184b2b8c3515f448894c9d83484aa39&epcVIP=48.1046.d13&email=&password=&epcCID=x4r7RdWai55ck9SbndN3hbm3S2P0G7u4O
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
safecasualdating69.com/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normalize.css
safecasualdating69.com/css/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skeleton.css
safecasualdating69.com/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
safecasualdating69.com/css/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logotin.png
safecasualdating69.com/images/ |
160 KB 160 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logosdf1.png
safecasualdating69.com/images/ |
23 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
err_btn.png
safecasualdating69.com/images/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.jpg
safecasualdating69.com/images/ |
202 KB 202 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.jpg
safecasualdating69.com/images/ |
201 KB 202 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3.jpg
safecasualdating69.com/images/ |
170 KB 170 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4.jpg
safecasualdating69.com/images/ |
195 KB 195 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
as-seen-on.gif
safecasualdating69.com/images/ |
8 KB 8 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
join.php
enter-shield.com/join/ Frame 9F17 Redirect Chain
|
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v14/ |
35 KB 35 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
geoip.openlyenter.com/ Frame 9F17 |
399 B 695 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 9F17 |
37 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon
fonts.googleapis.com/ Frame 9F17 |
569 B 464 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/ Frame 9F17 |
118 KB 119 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cejfxr2.css
enter-shield.com/common_tpls/compactML/css/ Frame 9F17 |
39 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
code.jquery.com/ Frame 9F17 |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/ Frame 9F17 |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b314bdf1b3.js
kit.fontawesome.com/ Frame 9F17 |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form_support.js
enter-shield.com/common_tpls/js/ Frame 9F17 |
977 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validate_form_v2.js
enter-shield.com/common_tpls/js/ Frame 9F17 |
22 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ Frame 9F17 |
3 KB 561 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email.png
enter-shield.com/common_tpls/images/icons/ Frame 9F17 |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
password.png
enter-shield.com/common_tpls/images/icons/ Frame 9F17 |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframeResizer.contentWindow.min.js
enter-shield.com/common_tpls/js/ Frame 9F17 |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 9F17 |
315 KB 53 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 9F17 |
26 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ Frame 9F17 |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 9F17 |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 9F17 |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 9F17 |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7V1s.ttf
fonts.gstatic.com/s/poppins/v15/ Frame 9F17 |
147 KB 67 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tinder (Online)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect boolean| originAgentCluster function| changeImage3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.sec-trk-lnk.com/ | Name: AWSALBCORS Value: w4UiHOWN5h6PkMZrar69/qGBrcdVAFeujNz8ZJoybyNnZTbwP2+pu7fHjNDe9JqPhMkJjJL6xZvKn1pVEpYMh/kIQNAi0I2eXWmHJGsULhEsmsDz6PjFsazTIINL |
|
enlistopenly.com/ | Name: PHPSESSID Value: 056d77879754f63203532ec2f34dd93e |
|
enter-shield.com/ | Name: PHPSESSID Value: 06b8543732693fdd55e735a180a62aa7 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.aspnetcdn.com
best.elitelovetrc.info
cdnjs.cloudflare.com
code.jquery.com
enlistopenly.com
enter-shield.com
fonts.googleapis.com
fonts.gstatic.com
geoip.openlyenter.com
ka-p.fontawesome.com
kit.fontawesome.com
safecasualdating69.com
ssl.google-analytics.com
www.sec-trk-lnk.com
www.trackdemclicks.com
152.199.19.160
162.0.229.226
163.171.128.172
2001:4de0:ac18::1:a:3a
213.227.156.193
2606:4700:20::681a:415
2606:4700::6810:125e
2606:4700::6812:1734
2a00:1450:4001:800::2003
2a00:1450:4001:809::200a
2a00:1450:4001:82a::2008
54.201.211.101
055395b01212455e2e3cf174208947ef347110b0a0d8710f097237698d8eee2b
061127e49a90e7f609551e12a8a36d7a7b25103fb5566607732726af81839c8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
146ca30e79339708e76fa0f2fa4bc60015b98c2296e19c3393a68c355fcaf72c
198814fa3098ba2d30dfde90c8f6c34fd14ea42c97e1002faee9ce0f5336b32d
2826f9525d9ff7b1d86065eb761da940e70856e239875b04e0e67a7c0edf3d4d
2911de3c20ebdd535d1ddc0b1a83e93692c1cf68499e0031c3e33e7c4ddcc8a0
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
4bf0c008b8a8e4b48c1734ff85580f8b3bf2ff8829e096ed2d759a335c38b006
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6a0d9a4a6da6d7c7bdb16b333fc573cb5af9e793de362c7fecf313ab88cf528a
6a644feb80d29d513d5c0e6c47b84366e426c91643a598164dbfa30a8d211f7b
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
7ea84c29fdf1ecdc97caf7604e6cd1dbf625862821057f14b82f02a00701af9d
89d4b7e60391fb802c7bfae97619f5b13a212f1d318bf3944d7667412c6ec20a
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
8e223cc1c0b5d03c2ea02dcb46cbd4a6e6efcb1c1b255654e15ce01b8f21dac2
9143b17e79719449bb7e315e4a2a84b456e6fb39486c4232ce7e36b92ad02d42
9dc081383b4871d3a02c315bd5e0dbbd8e6c8b9c7c71cc9b3495abe8f0530655
9e4ec43012e369083ded9e256bb6309204c8c2ce4383a6f00c23d26bbbf83b96
aed604182c192f5ee87b3c1f8bcbcd5310960a2848d2dfad9d8a2c0bab06e249
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
ce37db8136546197bf5b555d0baede4d5944955799fdf64a7ebabca3599164e3
d3d63b7935a380583eff779be162760e9773c3d83d63fd81e0449aea76e794c8
d96d6c7d72113fbff993954d85934754f8743a4fc6d18124aa35c464a0e06ab1
e7ec422b20c12092e5ae042e5af9199a57f09dadc853d38253d22cdf965a6ed8
f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
fcc3c0dd45f22d3bd5d08fcf8a6885da5dde6d5b52998c7213605ae3a5259a30